CSF on Virtuozzo

A installation of CSF performed on a VM (based on Virtuozzo) was no longer accepting traffic to VM. In order to correct this I created the csfpre.sh file (/etc/csf/csfpre.sh) – and set the following set of rules – are executed before all other statements when CSF is started:

iptables -A INPUT -i venet0 -j ACCEPT
iptables -A OUTPUT -o venet0 -j ACCEPT
iptables -A FORWARD -j ACCEPT -p all -s 0/0 -i venet0
iptables -A FORWARD -j ACCEPT -p all -s 0/0 -o venet0

This is required to allow the traffic through your virtual ethernet device (venet0). Restart the firewall and everything should work once again as expected.

Leave a Reply

Your email address will not be published. Required fields are marked *